#!/usr/bin/perl
# SCRIPT PAGE
use strict;
use warnings;
require 'forum_common.pl';

connect_to_database() or bad_deal();
my $user = get_current_user(get_sess_id());

bad_deal('', yaali($user)) if ($user);

record_this_hit();

my $prev = param('http_referer') || referer() || $forum::root_path;
$prev = $forum::root_path if ((split'/',$prev)[-1] eq $0);

$ENV{REQUEST_METHOD} = 'POST';
my ($msg, $username, $password) = ('');
if (defined($username = param('username')) &&
	defined($password = param('password')) &&
	$ENV{REQUEST_METHOD} eq 'POST')
{
	my ($user, $sess_id);
	if ($user = find_user($username, $password) and
		$sess_id = create_sess_id($user))
	{
		print redirect(-status=>303, -location=>$prev,
						-cookie=>sess_id_cookie($sess_id));
		exit;
	}
	else
	{
		$msg = nl2br(forum_error());
	}
}

print	header($forum::http_header),
		forum_start(),
		$msg,
		'<div class="ftable divcalign" style="border-spacing:1em;">',
		start_form(-action=>'', -method=>'post'),
		hidden(-name=>'http_referer', -value=>$prev, -override=>1),
		'<fieldset id="login">',
		legend('Login'),
		div({-class=>'ftr'},
			div({-class=>'ftd ralign'}, 'Username: '),
			textfield(-name=>'username', -size=>24, -maxlength=>24)),
		div({-class=>'ftr'},
			div({-class=>'ftd ralign'}, 'Password: '),
			password_field(-name=>'password',-size=>24,-maxlength=>24,
							-override=>1)),
		div({-class=>'ftr'},
			'<div class="ftd"></div>', # html is stupid
			submit(-name=>'login', -value=>'Login')),
		'</fieldset>',
		'</form>', # I hate perl
		'</div>';
# print the "Forgot Password?" form

gameover:
print forum_end();
forum_disconnect();
